none
single signon RRS feed

  • Question

  • Dear reader,

    The only single singon howto i can find thus far is about UAG crossite authentication.

    Is it possible to authenticate a user automatically to OWA and terminal server (2008r2) once the user is logged on at the UAG portal trunk?

    Thanks.


    MSCE
    Friday, March 26, 2010 8:14 PM

Answers

  • Hi Amigo. Yes it is :)

    UAG can sso to any web application whose authentication methids are HTTP 401 Request, HTML Forms or Kerberos authentication using the credentials the user gave during the logon to the portal. OWA is one of the web applications that IAG can sso by filling the authentication form out-of-the-box. Just go to properties of the application, and in the Web Settings tab mark the checkbox "Automatically reply to application-specific authentication..." select the radio button "HTML forms" and then select the repository whose credentials IAG must use to fill the forms.

    Hope it helps


    // Raúl - I love this game
    • Marked as answer by Erez Benari Wednesday, March 31, 2010 7:04 PM
    Monday, March 29, 2010 7:13 AM

All replies

  • Hi Amigo. Yes it is :)

    UAG can sso to any web application whose authentication methids are HTTP 401 Request, HTML Forms or Kerberos authentication using the credentials the user gave during the logon to the portal. OWA is one of the web applications that IAG can sso by filling the authentication form out-of-the-box. Just go to properties of the application, and in the Web Settings tab mark the checkbox "Automatically reply to application-specific authentication..." select the radio button "HTML forms" and then select the repository whose credentials IAG must use to fill the forms.

    Hope it helps


    // Raúl - I love this game
    • Marked as answer by Erez Benari Wednesday, March 31, 2010 7:04 PM
    Monday, March 29, 2010 7:13 AM
  • Hi,

    What about terminal services then?


    MSCE
    Thursday, April 1, 2010 11:56 AM
  • Hi Amigo. UAG can sso to RemoteApps published through UAG (UAG integrates the RD Gateway role). This is valid only for Windows 7 Clients (RDC 7.0). There is no sso for "Remote Desktop" or other RDC versions (so far)
    // Raúl - I love this game
    Tuesday, April 6, 2010 1:41 PM
  • Hi,

    Sorry for bringing the topic backup up again. but Technet says this:

    Single sign on (SSO)─Forefront UAG adds single sign-on functionality for RDS. The credentials provided by the user for session login can be used to authenticate to published RemoteApps and Desktop Connections.

    On this website:

    http://technet.microsoft.com/en-us/library/dd861469.aspx

    Which makes it a bit confusing. For me..


    MSCE
    Thursday, May 27, 2010 12:18 PM
  • Hi Ruud,

    That is a wrong statement on TechNet and it will be fixed in the near future.

    The correct statement is what Raul has said: UAG can perform SSO for RemoteApps launched on Windows 7 clients, and starting with Update 1 for UAG 2010, also on XP SP3 and Vista SP1/SP2 clients, as mentioned here: Enabling RDS on Windows Vista and Windows XP

    -Ran

    Thursday, May 27, 2010 3:05 PM